|
287271
|
- |
|
juniper
|
network_and_security_manager_software
nsm3000
nsmexpress
|
Unspecified vulnerability in the NSM XDB service in Juniper NSM before 2012.2R8 allows remote attackers to execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-3411
|
2024-11-21 11:08 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287272
|
- |
|
flag_module_project
|
flag
|
Eval injection vulnerability in the flag_import_form_validate function in includes/flag.export.inc in the Flag module 7.x-3.0, 7.x-3.5, and earlier for Drupal allows remote authenticated administrato…
|
CWE-94
Code Injection
|
CVE-2014-3453
|
2024-11-21 11:08 |
2014-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287273
|
- |
|
spumko_project
|
hapi_server_framework
|
The hapi server framework 2.0.x and 2.1.x before 2.2.0 for Node.js allows remote attackers to cause a denial of service (file descriptor consumption and process crash) via unspecified vectors.
|
CWE-399
Resource Management Errors
|
CVE-2014-3742
|
2024-11-21 11:08 |
2014-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287274
|
- |
|
canonical
djangoproject
opensuse
debian
|
ubuntu_linux
django
opensuse
debian_linux
|
The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly validate URLs, which allows remote attackers to condu…
|
CWE-20
Improper Input Validation
|
CVE-2014-3730
|
2024-11-21 11:08 |
2014-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287275
|
- |
|
codecguide
|
k-lite_codec_pack
|
Filters\LAV\avfilter-lav-4.dll in K-lite Codec 10.4.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .jpg file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3452
|
2024-11-21 11:08 |
2014-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287276
|
- |
|
dlink
|
dap_1150_firmware
dap_1150
|
Cross-site scripting (XSS) vulnerability in D-Link DAP 1150 with firmware 1.2.94 allows remote attackers to inject arbitrary web script or HTML via the res_buf parameter to index.cgi in the Control/U…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3761
|
2024-11-21 11:08 |
2014-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287277
|
- |
|
dlink
|
dap_1150_firmware
dap_1150
|
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP 1150 with firmware 1.2.94 allow remote attackers to hijack the authentication of administrators for requests that (1) enable o…
|
CWE-352
Origin Validation Error
|
CVE-2014-3760
|
2024-11-21 11:08 |
2014-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287278
|
- |
|
karlen_walter
|
si_bibtex
|
Multiple SQL injection vulnerabilities in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allow remote attackers to execute arbitrary SQL commands via vectors related to the (1) search …
|
CWE-89
SQL Injection
|
CVE-2014-3759
|
2024-11-21 11:08 |
2014-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287279
|
- |
|
karlen_walter
|
si_bibtex
|
Cross-site scripting (XSS) vulnerability in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via vectors related to the imp…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3758
|
2024-11-21 11:08 |
2014-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287280
|
- |
|
bilyoner
|
bilyoner
|
The Bilyoner application before 2.3.1 for Android and before 4.6.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain se…
|
CWE-310
Cryptographic Issues
|
CVE-2014-3750
|
2024-11-21 11:08 |
2014-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
